IQSS
WIP: PoC OIDC Signup (create user account) via API call
What this PR does / why we need it: A PoC that shows how a user account can be created via an API call. This requires the configuration of an OIDC Authentication provider.
Which issue(s) this PR closes:
Closes #
Special notes for your reviewer:
The client in keycloak must be adapted to enabled and enforce the consent
Suggestions on how to test this:
https://github.com/IQSS/dataverse/assets/8245181/5583669c-07f3-4306-b120-591c2726a3b6
Once the user is created. The consent is stored in keycloak.
Does this PR introduce a user interface change? If mockups are available, please link/include them here:
Is there a release notes update needed for this change?:
Additional documentation:
FWIW: At QDR, we've made modifications to support passive login/account creation in Dataverse as part of our SSO with other apps. Once you login to this client on Keycloak in some app, when you go to Dataverse, the code tries a prompt=none login and picks up who you are (if you are logged in, otherwise you get normal not-logged-in behavior) and logs you in, creating the account if necessary. We didn't have to have the consent required on (not sure this PR needs it either). (Also FWIW: We've looked at granting long-lived off-line tokens, which might be appropriate for API/CLI use, but this is separate from registration/login).
@johannes-darms this PR has some merge conflicts.
Also, we're starting to talk about auth again. You might be interested in this:
- https://github.com/IQSS/dataverse-frontend/pull/504
@johannes-darms hi! There's been a good amount of OIDC work merged for 6.6 and this PR of yours has merge conflicts. Can you please resolve them and let us know if you want to us to move this PR forward? Thanks!